/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package web;

import ejb.BusinessLogic;
import ejb.Utente;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.List;
import javax.ejb.EJB;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author Max
 */
public class AutenticaUtente extends HttpServlet {
    @EJB
    private BusinessLogic businessLogic;


    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
            RequestDispatcher rd = null;
            ServletContext sc = getServletContext();
            String pagina = request.getParameter("page");
            
            if(request.getParameter("id_prodotto")!=null)
                pagina = "/prodotto.jsp?valore=" + request.getParameter("id_prodotto");
                   
            if (!request.getParameter("inputlogin").equals("logout")) {
                List<Utente> u = businessLogic.listaUtenti();
                String username = request.getParameter("usr");
                
                String password = util.LMD5Gen.md5(request.getParameter("pwd"));
                
                for (int i = 0; i < u.size(); i++) {
                    Utente ut = u.get(i);
                    if ((ut.getUsername().equals(username)) && (ut.getPassword().equals(password))) {
                        HttpSession s = request.getSession();
                        s.setAttribute("username", request.getParameter("usr"));
                        s.setAttribute("flag", ""+ut.getFlag());
                    }
                }
            } else {
                HttpSession s = request.getSession();
                s.removeAttribute("username");
                s.removeAttribute("flag");
                s.invalidate();
                pagina = "/index.jsp";
            }

            //recupero la pagina dalla quale è arrivata la richiesta e reindirizzo alla stessa
            rd = sc.getRequestDispatcher(pagina);
            rd.forward(request, response);
            
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /** 
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        processRequest(request, response);
    }

    /** 
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
